Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B1067472C96011EF9DDFCA9B762E951A.roa
File: B1067472C96011EF9DDFCA9B762E951A.roa (raw, json)
Hash identifier: unJDlzxqpL6IbpzxOSRwFyBZd3Mlh9/PiqydrakKuCw=
Subject key identifier: F9:0D:99:67:E0:CB:49:7A:1D:1B:FC:C0:18:FF:4A:C8:E2:FC:A8:7D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F45C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B1067472C96011EF9DDFCA9B762E951A.roa
Signing time: Thu 02 Jan 2025 23:24:20 +0000
ROA not before: Thu 02 Jan 2025 23:24:16 +0000
ROA not after: Mon 13 Dec 2027 23:24:16 +0000
asID: 17561
IP address blocks: 156.226.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62556 (0xf45c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 23:24:16 2025 GMT
Not After : Dec 13 23:24:16 2027 GMT
Subject: CN=67772024-4218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c1:be:88:26:2c:97:eb:34:c6:75:dd:2a:b1:
0c:14:0e:a9:1b:a5:42:ea:10:1d:08:20:db:b7:ff:
f2:11:29:00:ce:84:77:04:99:88:ab:f5:d8:fa:ac:
77:50:05:9b:4e:3a:f1:d9:b7:10:43:fb:dc:2a:db:
b6:78:51:1c:ca:37:03:c7:b4:9c:a1:35:85:78:94:
a6:07:35:16:fe:fc:ff:b6:42:93:2c:a6:f2:26:7e:
05:f4:a2:d9:cb:57:e7:51:6f:7f:c1:2d:13:b7:6a:
bd:b6:56:20:f6:c9:a4:23:d9:f6:c0:7b:35:5f:8f:
85:fd:6b:2c:57:9d:32:e1:c5:4b:c7:9d:ed:cc:cc:
ef:bf:a9:80:8c:51:3d:0c:05:df:61:3b:e9:09:ad:
06:e9:af:b4:f3:f3:37:2f:f3:b2:3c:f6:93:e9:e2:
19:64:d7:f6:0c:fc:34:9b:72:92:50:1f:66:b3:cf:
26:4c:4c:d0:ca:42:3d:d4:3c:bf:62:be:3c:5b:bf:
4f:3b:94:85:3c:ac:b5:d5:98:a9:43:57:d1:a5:8b:
70:b4:c4:ce:fa:d3:98:45:5a:f8:db:3b:54:73:ba:
99:1c:1a:31:8d:cf:a7:b2:cb:d0:cb:0b:5e:93:2d:
84:ed:35:6a:31:5b:4d:11:23:93:71:96:95:c1:08:
f9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:0D:99:67:E0:CB:49:7A:1D:1B:FC:C0:18:FF:4A:C8:E2:FC:A8:7D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B1067472C96011EF9DDFCA9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.224.0/24
Signature Algorithm: sha256WithRSAEncryption
62:16:a7:f9:c5:a0:02:10:25:7e:9d:fd:3b:4f:18:8a:e8:8b:
b4:2c:6c:57:4e:ed:b7:d2:83:73:f7:aa:9b:17:fd:0b:77:02:
ff:cc:4f:bb:a3:14:86:2d:f0:33:5a:f3:b5:9c:09:53:b7:87:
0f:70:84:fa:a0:f4:60:bb:bd:e7:58:05:86:98:ea:73:d2:ae:
a4:59:55:24:ee:f5:c6:25:e1:c5:0b:75:f0:44:76:f9:5f:36:
dc:ed:dd:3f:71:cd:b2:3d:8f:2e:3a:53:58:98:f4:5b:6d:1f:
62:13:0f:28:90:1f:e7:ff:89:e7:f1:e5:f5:91:e8:bb:7a:d7:
29:d8:85:d6:08:39:73:5a:41:26:2e:2a:e7:4c:93:07:e2:04:
7d:01:5e:f4:14:8d:b5:9a:f5:4d:13:31:7c:57:0c:81:b8:bc:
46:e4:42:c9:32:4f:30:ae:ce:98:c5:2a:f9:56:50:8c:df:89:
16:97:b1:61:7a:84:eb:0d:ea:aa:1f:80:af:5a:fd:c4:6f:f7:
ab:66:24:28:fb:9d:2a:96:98:e5:25:dc:20:ea:04:ee:1c:11:
7a:c1:ab:12:97:66:3c:e0:d9:c5:be:84:5a:f3:a7:78:ac:36:
d8:40:2a:96:93:bb:9e:ee:b6:bc:ab:55:b1:af:05:1b:d1:42:
99:40:18:51
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPRcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjMyNDE2WhcNMjcxMjEzMjMyNDE2WjAYMRYw
FAYDVQQDEw02Nzc3MjAyNC00MjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq8G+iCYsl+s0xnXdKrEMFA6pG6VC6hAdCCDbt//yESkAzoR3BJmIq/XY
+qx3UAWbTjrx2bcQQ/vcKtu2eFEcyjcDx7ScoTWFeJSmBzUW/vz/tkKTLKbyJn4F
9KLZy1fnUW9/wS0Tt2q9tlYg9smkI9n2wHs1X4+F/WssV50y4cVLx53tzMzvv6mA
jFE9DAXfYTvpCa0G6a+08/M3L/OyPPaT6eIZZNf2DPw0m3KSUB9ms88mTEzQykI9
1Dy/Yr48W79PO5SFPKy11ZipQ1fRpYtwtMTO+tOYRVr42ztUc7qZHBoxjc+nssvQ
ywteky2E7TVqMVtNESOTcZaVwQj5HQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPkN
mWfgy0l6HRv8wBj/Ssji/Kh9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMTA2NzQ3MkM5NjAxMUVGOURERkNBOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLgMA0GCSqGSIb3DQEBCwUA
A4IBAQBiFqf5xaACECV+nf07TxiK6Iu0LGxXTu230oNz96qbF/0LdwL/zE+7oxSG
LfAzWvO1nAlTt4cPcIT6oPRgu73nWAWGmOpz0q6kWVUk7vXGJeHFC3XwRHb5Xzbc
7d0/cc2yPY8uOlNYmPRbbR9iEw8okB/n/4nn8eX1kei7etcp2IXWCDlzWkEmLirn
TJMH4gR9AV70FI21mvVNEzF8VwyBuLxG5ELJMk8wrs6YxSr5VlCM34kWl7FheoTr
DeqqH4CvWv3Eb/erZiQo+50qlpjlJdwg6gTuHBF6wasSl2Y84NnFvoRa86d4rDbY
QCqWk7ue7ra8q1WxrwUb0UKZQBhR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:13 2025 by rpki-client